Full Job Description
Risk Manager

The Risk Manager is responsible for developing, implementing, and maintaining the organisation's Enterprise Risk Management (ERM) framework to identify, assess, monitor, and mitigate strategic, operational, financial, compliance, cybersecurity, and sustainability-related risks. The role supports management in strengthening governance, risk awareness, internal controls, and business resilience. This role reports to the Head of Group Risk Management.

Key responsibilities

1. Enterprise Risk Management
- Develop and maintain the organisation's ERM framework, policies, and procedures
- Facilitate periodic risk assessments across business units and functions
- Maintain and update the corporate risk register
- Monitor key risk indicators (KRIs) and emerging risks
- Coordinate risk reporting to senior management, risk committees, and the Board/Audit Committee
- Ensure risk appetite and tolerance levels are clearly defined and monitored

2. Governance & Compliance
- Promote a strong risk and governance culture across the organisation
- Support compliance with regulatory, legal, and corporate governance requirements
- Review adequacy of internal controls and recommend improvements
- Coordinate with Internal Audit, Compliance, Legal, and business units on risk-related matters
- Support whistleblowing, ethics, and fraud risk management initiatives where applicable

3. Operational & Business Risk Management
- Identify operational, safety, security, procurement, financial, and IT risks
- Facilitate root cause analysis and corrective action tracking for significant incidents
- Support business continuity planning (BCP) and crisis management exercises
- Assess risks relating to new projects, investments, systems, and strategic initiatives

4. Sustainability & Emerging Risks
- Monitor emerging risks such as cybersecurity, AI, climate change, ESG, and geopolitical developments
- Support sustainability risk assessments and reporting initiatives
- Conduct environmental scanning and global risk sense-making activities

5. Risk Reporting Analysis
- Prepare risk dashboards, heat maps, and management reports
- Analyse risk trends and provide insights to management
- Track mitigation action plans and report overdue items

6. Training & Awareness
- Conduct risk management workshops and awareness programmes
- Train risk owners on risk identification, assessment, and reporting methodologies
- Promote accountability and risk ownership across the organisation

Requirements:

**Qualifications & Experience**
- Degree in Risk Management, Finance, Accounting, Business, Engineering, Law, or related discipline.
- Professional certifications (preferred)
  • Institute of Internal Auditors Certified Internal Auditor (CIA)
  • Certified Risk Management Professional (CRMP)
  • ISO 31000 Risk Management certification
  • Chartered Accountant / CPA (advantageous)
- 5-10 years of experience in risk management, internal audit, governance, compliance, or related fields

**Key competencies**
- Strong analytical and problem-solving skills
- Knowledge of ERM frameworks and internal controls
- Good understanding of governance and compliance requirements
- Strong communication and stakeholder management skills
- Ability to influence senior management
- Report writing and presentation skills
- Data analytics and risk reporting capability
- High integrity and professional judgement

**KPIs**
- Timeliness of risk reporting
- Completion rate of mitigation actions
- Reduction in overdue high-risk findings
- Risk assessment coverage across business units
- Effectiveness of risk awareness programmes
- Improvement in governance/risk maturity scores

The successful candidate is also expected to assist with insurance work.